CVE-2017-10602: Junos OS: buffer overflow vulnerability in Junos CLI
First published: Fri Jul 14 2017(Updated: )
A buffer overflow vulnerability in Junos OS CLI may allow a local authenticated user with read only privileges and access to Junos CLI, to execute code with root privileges. Affected releases are Juniper Networks Junos OS: 14.1X53 versions prior to 14.1X53-D46 on EX2200/VC, EX3200, EX3300/VC, EX4200, EX4300, EX4550/VC, EX4600, EX6200, EX8200/VC (XRE), QFX3500, QFX3600, QFX5100; 14.1X53 versions prior to 14.1X53-D130 on QFabric System; 14.2 versions prior to 14.2R4-S9, 14.2R6; 15.1 versions prior to 15.1F5, 15.1R3; 15.1X49 versions prior to 15.1X49-D40 on SRX Series; 15.1X53 versions prior to 15.1X53-D47 on NFX150, NFX250; 15.1X53 versions prior to 15.1X53-D65 on QFX10000 Series; 15.1X53 versions prior to 15.1X53-D233 on QFX5110, QFX5200.
Credit: sirt@juniper.net
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Juniper JUNOS | =14.1x53 | |
| Juniper JUNOS | =14.2 | |
| Juniper JUNOS | =14.2-r1 | |
| Juniper JUNOS | =14.2-r2 | |
| Juniper JUNOS | =14.2-r3 | |
| Juniper JUNOS | =14.2-r4 | |
| Juniper JUNOS | =14.2-r5 | |
| Juniper JUNOS | =15.1 | |
| Juniper JUNOS | =15.1-a1 | |
| Juniper JUNOS | =15.1-f1 | |
| Juniper JUNOS | =15.1-f2 | |
| Juniper JUNOS | =15.1-f2-s1 | |
| Juniper JUNOS | =15.1-f2-s2 | |
| Juniper JUNOS | =15.1-f2-s3 | |
| Juniper JUNOS | =15.1-f2-s4 | |
| Juniper JUNOS | =15.1-f3 | |
| Juniper JUNOS | =15.1-f4 | |
| Juniper JUNOS | =15.1-f6 | |
| Juniper JUNOS | =15.1-r3 | |
| Juniper JUNOS | =15.1x49 | |
| Juniper JUNOS | =15.1x49-d10 | |
| Juniper JUNOS | =15.1x49-d20 | |
| Juniper JUNOS | =15.1x49-d30 | |
| Juniper JUNOS | =15.1x49-d35 | |
| Juniper JUNOS | =15.1x53-d10 | |
| Juniper JUNOS | =15.1x53-d20 | |
| Juniper JUNOS | =15.1x53-d21 | |
| Juniper JUNOS | =15.1x53-d25 | |
| Juniper JUNOS | =15.1x53-d30 | |
| Juniper JUNOS | =15.1x53-d32 | |
| Juniper JUNOS | =15.1x53-d33 | |
| Juniper JUNOS | =15.1x53-d34 | |
| Juniper JUNOS | =15.1x53-d40 | |
| Juniper JUNOS | =15.1x53-d45 | |
| Juniper JUNOS | =15.1x53-d70 |
Remedy
The following software releases have been updated to resolve this specific issue: 14.1X53-D46, 14.1X53-D130*, 14.2R4-S9, 14.2R6, 15.1F5, 15.1R3, 15.1X49-D40, 15.1X53-D47, 15.1X53-D65, 15.1X53-D233 16.1R1, and all subsequent releases. *Pending Publication This issue is being tracked as PR 1149652 and is visible on the Customer Support website.
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- collector/nvd-index
- agent/type
- agent/softwarecombine
- collector/mitre-cve
- source/MITRE
- agent/last-modified-date
- agent/title
- agent/remedy
- agent/severity
- agent/weakness
- agent/author
- agent/references
- agent/tags
- agent/first-publish-date
- agent/event
- agent/description
- vendor/juniper
- canonical/juniper junos
- version/juniper junos/14.1x53
- version/juniper junos/14.2
- version/juniper junos/14.2-r1
- version/juniper junos/14.2-r2
- version/juniper junos/14.2-r3
- version/juniper junos/14.2-r4
- version/juniper junos/14.2-r5
- version/juniper junos/15.1
- version/juniper junos/15.1-a1
- version/juniper junos/15.1-f1
- version/juniper junos/15.1-f2
- version/juniper junos/15.1-f2-s1
- version/juniper junos/15.1-f2-s2
- version/juniper junos/15.1-f2-s3
- version/juniper junos/15.1-f2-s4
- version/juniper junos/15.1-f3
- version/juniper junos/15.1-f4
- version/juniper junos/15.1-f6
- version/juniper junos/15.1-r3
- version/juniper junos/15.1x49
- version/juniper junos/15.1x49-d10
- version/juniper junos/15.1x49-d20
- version/juniper junos/15.1x49-d30
- version/juniper junos/15.1x49-d35
- version/juniper junos/15.1x53-d10
- version/juniper junos/15.1x53-d20
- version/juniper junos/15.1x53-d21
- version/juniper junos/15.1x53-d25
- version/juniper junos/15.1x53-d30
- version/juniper junos/15.1x53-d32
- version/juniper junos/15.1x53-d33
- version/juniper junos/15.1x53-d34
- version/juniper junos/15.1x53-d40
- version/juniper junos/15.1x53-d45
- version/juniper junos/15.1x53-d70